Systems and methods to bypass online advertisement blockers

ABSTRACT

Some embodiments provide an adblocking bypass system for ensuring that advertisements are loaded and presented on a user device running one or more adblockers. The adblocking bypass system is comprised of a bypass loader and a bypass proxy. The bypass loader is a component that is embedded within content publisher content. When the content publisher content is downloaded and parsed by a user device, the bypass loader executes by detecting the presence of any adblocker on the user device. If found, the bypass loader forwards any blocked advertisement calls to the bypass proxy. The bypass proxy retrieves the requested advertisements and returns them to the bypass loader which then reintroduces the advertisements in final content presentation or rendering. The bypass proxy may also modify the content publisher content by replacing any blocked advertisement calls embedded within the content with calls to the bypass proxy.

CLAIM OF BENEFIT TO RELATED APPLICATIONS

This application is a continuation of U.S. nonprovisional applicationSer. No. 14/474,216 entitled “Systems and Methods to Bypass OnlineAdvertisement Blockers”, filed Sep. 1, 2014. The contents of applicationSer. No. 14/474,216 are hereby incorporated by reference.

TECHNICAL FIELD

The present invention is directed to online advertisement systems and,more particularly, to systems and methods for counteracting onlineadvertisement blockers that run on user devices.

BACKGROUND ART

Online advertising is an important revenue stream for many publishers ofonline content. Online advertising is also an important means throughwhich different entities, products, and services generate goodwill,brand recognition, and customer loyalty as well as promote anddisseminate information about those entities, products, and services.

Online advertisement can be in the form of banner, pop-up, embedded,in-line, interstitial, and full page canvas advertisements that arepresented when a user visits a page, navigates away from a page, closesa page, or is otherwise directed to a page or an advertisement. Theadvertisements can be provided as links, audio content, or visualcontent including text, images, and other multimedia content.

Advertisement blocking tools, also referred to herein as adblockers,operate to block the display and, in some cases, the loading of onlineadvertisements on websites, such as HyperText Markup Language (HTML)pages, and other downloadable content. Adblockers can be softwareapplications, browser components, extensions, add-ons, scripts, or anyservice that operates in conjunction with a web browsing application,such as Chrome, Internet Explorer, and Firefox, for the purpose ofblocking the display and/or loading of online advertisements.

Adblockers operate by intercepting calls to advertisements withincontent or preventing the advertisements from loading as part of thecontent. Typically, adblockers identify the advertisement calls that areto be intercepted using various blacklists. The blacklists may specifylinks or classes that identify various servers, services, or sources ofadvertisements. The blacklisted links include Uniform Resource Locators(URLs), other hyperlinks, or addressing to known advertisements oradvertising providers. The blacklisted classes include function calls,scripting language, and other code that are used to embed advertisementswithin content. Adblockers may also block specific Cascade Style Sheet(CSS) selectors, CSS styles, and HTML elements from loading or beingincluded as part of the content presentation. These and many othertechniques may be used by different adblockers, but their objective isthe same, to prevent the display or loading of advertisements that areembedded within online content.

Adblockers therefore prevent the presentation of content as originallyintended by the originating content publisher. In so doing, adblockersdeprive the content publisher of advertising revenue and also preventthe marketing, promotion, and information dissemination of entities,products, and services. Accordingly, there is a need to counteract theeffect of adblockers and ensure that content is presented on the userdevice in the manner intended by the originating online contentpublisher.

SUMMARY OF THE INVENTION

It is an objective of the embodiments described herein to load anddisplay advertisements as originally configured in online contentpublisher content, even when one or more adblockers execute on the userdevice. To achieve these and other objectives, some embodiments providean adblocking bypass system.

The adblocking bypass system is comprised of a bypass loader and abypass proxy. The bypass loader is a component that is embedded withincontent publisher content. The bypass loader is configured to run afterthe operation of any adblockers and reverse or counteract adblockeroperation, thereby ensuring that advertisements configured as part ofthe content will be loaded and presented on the user device. In someembodiments, the bypass loader is configured to run after firing orexecution of the load or onload event on the user device parsing andrendering the content.

When executed, the bypass loader detects presence of an adblockerrunning on the user device. In some embodiments, detection involvesattempting to load an advertisement that is itself tracked or contains atrackable resource. If the tracked advertisement or resource is notpresent after the onload event, then the bypass loader determines thatan adblocker is running on the user device.

If an adblocker is not detected on the user device, the bypass loaderterminates and the user device processes, renders, and presents thecontent without modification. If the bypass loader detects presence ofan adblocker, the bypass loader dynamically disguises the advertisementcalls within the content to avoid having the calls match entries withinthe adblocker's blacklist. Specifically, the bypass loader uses a cipherto encrypt or otherwise obfuscate the domain name, hostname, UniformResource Locator (URL), or other address or request of the advertisementcall. The bypass loader appends the cipher key used for the obfuscationto the obfuscated advertisement call. In some embodiments, the bypassloader also performs a base32 encoding of the obfuscated advertisementcall to ensure it is formatted as a proper URL query. The bypass loaderthen passes the obfuscated advertisement call containing the encryptedoriginal advertisement call and the cipher key used to perform theencryption to the bypass proxy. To ensure that the obfuscatedadvertisement call passing to the bypass proxy is not blocked by anadblocker, some embodiments periodically change the address (e.g.,domain name) of the bypass proxy. The change can be performedautomatically using a hash of a key or timestamp to generate the newaddress or domain name with a concerted action occurring at the bypassproxy to change routing or Domain Name System (DNS) configurationsaccordingly.

The bypass proxy is a hosted service that runs on a remote machineoperating independent of the user device. The bypass proxy receives theobfuscated advertisement calls from the different bypass loaderinstances running on different user devices and reverses the obfuscationoperations performed by the bypass loaders. For a specific obfuscatedadvertisement call, the bypass proxy decodes the base32 encoding,extracts the appended cipher key, and uses the cipher key to decrypt theoriginal advertisement call. The bypass proxy then retrieves theadvertisement from the corresponding advertisement server identified bythe original advertisement call before forwarding the advertisement backto the appropriate bypass loader. To preserve the advertisers ability totrack each user device with cookies or other means, the bypass proxy mayinclude various header parameters including the user device IP addressin the request to the advertisement server. Similarly, the header of theadvertisement server response containing the requested advertisement maybe parsed by the bypass loader to forward any tracking information orother relevant header parameters to the user device.

Upon receiving a forwarded advertisement from the bypass proxy, thebypass loader reintroduces the advertisement into the final presentationor rendering of the content. In some embodiments, the bypass loaderreintroduces the advertisement by manipulating the Document Object Model(DOM) of the content rendering application running on the user device.

To avoid repeating these operations, in some embodiments, the bypassproxy modifies the content publisher content hosted on the remote siteso that the original advertisement calls are replaced with theobfuscated advertisement calls. In other words, the bypass proxyrewrites the advertisement calls in the original content with addressingof the bypass proxy instead of addressing of the correspondingadvertisement servers, wherein the addressing of the correspondingadvertisement servers may be encrypted and/or included as part of therewritten advertisement calls in some embodiments.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to achieve a better understanding of the nature of the presentinvention, preferred embodiments for the adblocking bypass system willnow be described, by way of example only, with reference to theaccompanying drawings in which:

FIG. 1 illustrates the operating environment of the adblocking bypasssystem in accordance with some embodiments.

FIG. 2 presents a message exchange diagram illustrating operation of theadblocking bypass system in ensuring that advertisements are loaded andpresented on a user device running one or more adblockers.

FIG. 3 conceptually illustrates operation of the adblocking bypasssystem in accordance with some embodiments.

FIG. 4 presents a process performed by the bypass loader forcounteracting the advertisement intercepting and blocking of adblockersin accordance with some embodiments.

FIG. 5 presents a process performed by the bypass proxy for retrievingan advertisement on behalf of an instance of the bypass loader inaccordance with some embodiments.

FIG. 6 presents a CSS translation process for circumventing CSS blockingby adblockers in accordance with some embodiments.

FIG. 7 illustrates a computer system or server with which someembodiments are implemented.

DETAILED DESCRIPTION

In the following detailed description, numerous details, examples, andembodiments for the adblocking bypass system are set forth anddescribed. The adblocking bypass system is not limited to theembodiments set forth, and it may be practiced without some of thespecific details and examples discussed. Also, reference is made to theaccompanying figures, which illustrate specific embodiments in which theadblocking bypass system can be practiced. It is to be understood thatother embodiments can be used and structural changes can be made withoutdeparting from the scope of the embodiments herein described.

FIG. 1 illustrates the operating environment of the adblocking bypasssystem in accordance with some embodiments. Depicted as part of theoperating environment are various content publishers 110, user devices120, advertisement servers 130, and the adblocking bypass systemcomprised of the bypass proxy 140 and various bypass loaders 150.

Content publishers 110 originate content for consumption by the userdevices 120. Content is a general term referring to any web site, text,document, file, media, application, service, or game that is digitallyencoded and is deliverable across a network, such as the Internet.Content itself can be composed of content sub-components, wherein thesub-components may be provided by the same content publisher or othercontent publishers. For instance, content may be embedded with imagesprovided by a first content publisher, a service provided by a secondcontent publisher, and advertisements provided by one or moreadvertisement servers. In FIG. 1, the content publishers 110 are shownto operate one or more servers that host and deliver their content.However as is well known in the art, content publisher originatedcontent can be hosted and served from other sources including contentdelivery networks (CDNs), cloud service providers, and caching or proxyservers operated by others independent of the content publishers 110.

The user devices 120 include any device with a processor that runs acontent processing, rendering, or presenting application. The userdevice can include any of a laptop computer, smartphone, tablet, anddesktop computing machine as some examples. The most common applicationfor processing, rendering, or presenting the content is a web browsingapplication (e.g., Internet Explorer, Firefox, Chrome, and Safari webbrowsers), although other applications running on the user device 120can similarly process, render, or present the content publisher content.For the purposes of the discussion that it to follow, one or moreadblockers are installed on the user devices 120 and running inconjunction with the content retrieval or content rendering applicationof the user devices 120. AdBlock and AdBlock Plus are examples ofadblockers. As noted in the background section, the purpose of theadblockers is to block the display and/or loading of onlineadvertisements that are embedded as part of the content being presentedon a user device. FIG. 7 illustrates various components of the userdevices 120, servers for the content publisher content, and theadblocking bypass system.

Advertisement servers 130 are machines that host and deliver variousadvertisements that are embedded within the content publisher content.As earlier noted, the content publisher content may be configured withzero or more advertisement calls. When a user device receives andprocesses content with one or more advertisement calls, the user devicewill parse and invoke those advertisement calls in order to identify andretrieve the advertisements from the appropriate advertisement servers130. The advertisements are then rendered or displayed as part of thecontent in the manner configured or specified within the contentpublisher content.

The collective operations of the bypass proxy 140 and the bypass loaders150 counteract adblocker functionality and ensure that advertisementsembedded as part of the content publisher content will be loaded anddisplayed on the user devices 120, even when the user devices 120 runone or more adblockers. In some embodiments, the bypass loaders 150 areembedded in content publisher content as server-side scripts thatdynamically adapt in response to adblocker operation. As adblockersmodify which advertisement calls they block, the bypass loader modifiesthe manner in which the advertisements associated with thoseadvertisement calls are retrieved in order to evade the adblocker fromblocking those advertisements. In some embodiments, the bypass loaders150 are embodied as JavaScript, although other scripting languages orcode can be used to implement the bypass loaders 150. In someembodiments, a call or function embedded within the content publishercontent can be used to invoke a bypass loader 150 on a machine that isremote to the user device issuing the call or function. In someembodiments, the bypass loader 150 is configured to execute when orafter the “load” or “onLoad” Document Object Model (DOM) or HyperTextMarkup Language (HTML) event fires. These events fire when a page,object, or entirety of the content has finished loading on thecorresponding user device. More importantly, the events fire afteradblocker execution is complete.

Each bypass proxy 140 is a service that is hosted by the adblockingbypass system. The bypass proxy 140 is a network accessible machine thatoperates independent of the user devices 120 and content publishers 110,although in some embodiments, the bypass proxy 140 functionalitydescribed below can be incorporated directly with content publisherresources. Incorporating the bypass proxy 140 functionality directlywithin servers or other resources (e.g., load balancers) of the contentpublishers 110 is preferable for adblockers that prevent user devicesfrom issuing calls to any third party when rendering first partycontent. In other words, when rendering content from a particularcontent publisher, an adblocker may block any calls issued to any domaindeviating from that of the particular content publisher.

FIG. 2 presents a message exchange diagram illustrating operation of theadblocking bypass system in ensuring that advertisements are loaded andpresented on a user device running one or more adblockers. In thisfigure, messages are exchanged between a user device 205, contentpublisher 210, advertisement server 215, and bypass proxy 220. The userdevice runs an adblocker in conjunction with a browsing application.

The message exchange commences when the user device 205 requests (at230) content from the content publisher 210. The content publisher 210content is embedded with the bypass loader of some embodiments. Thecontent publisher 210 content is also embedded with at least oneadvertisement call that points to an advertisement that is hosted andserved by the advertisement server 215. As an example, the advertisementcall can be an “a href” HTML attribute with a link specifying an addressof the advertisement server. The link can be a Uniform Resource Locator(URL) having a domain name or Internet Protocol (IP) address of theadvertisement server, a directory path, and a filename of theadvertisement. Different content publishers can use differentadvertisement call formatting, HTML elements, and scripts to issue theadvertisement calls. In any event, once the advertisement call isissued, a URL or other address is used to request an advertisement fromthe appropriate advertisement server 130. In response to the user device205 request, the content publisher 210 serves (at 235) the requestedcontent with the at least one advertisement call and bypass loader tothe user device 205.

The user device 205 or browsing application running on the user devicebegins by parsing (at 240) the content and constructing (at 245) the DOMhierarchy. Construction of the DOM hierarchy is well known in the artand an operation performed by most content browsing applicationsincluding web browsers. Generally, constructing the DOM hierarchyinvolves parsing the content into its various object components andproducing a tree with nodes to represent the object components, style,and structure in a manner that is accessible through a standardizedapplication programming interface (API).

While parsing the content and constructing the DOM hierarchy, theadblocker is invoked to intercept any advertisement calls that areembedded in the content and to prevent the advertisements requested bythose calls from being loaded as part of the content. As shown, theadblocker intercepts and blocks (at 250) the advertisement call thatattempts to retrieve an advertisement from the advertisement server 215.The adblocker may identify the advertisement call because the callspecifies a URL, domain name, hostname, or other address that matches toan entry in the adblocker blacklist. The adblocker may also indirectlyidentify advertisement calls by blocking specific Cascade Style Sheet(CSS) selectors and HTML elements from being added to the DOM hierarchy.Specifically, the adblocker can intercept and prevent loading or displayof advertisements by removing or hiding nodes from the DOM hierarchythat arise because of various advertisement calls. In such situations,the user device 205 may actually issue the advertisement calls with theadblocker later preventing them from being loaded or removing them oncethey are loaded as part of the content. Other adblockers may prevent theDOM hierarchy from being constructed with any advertisement relatednodes. In such situations, the adblockers prevent the user device 205from even issuing the advertisement calls to the correspondingadvertisement server.

Once the content is parsed and the DOM hierarchy is constructed, theload event fires (at 255). The firing or completion of the load eventtriggers execution of the bypass loader that is also embedded as part ofthe content publisher content. The bypass loader detects for thepresence of any adblocker running on the user device 205. The detectioncan be performed in any number of ways including attempting to load aspecific advertisement tag that is itself tracked or contains atrackable resource. If an adblocker was running on the user device 205,the adblocker would remove or block that specific advertisement tag ortrackable resource and the absence of which would indicate to the bypassloader that an adblocker is in fact running. The bypass loader thenidentifies the advertisement calls that were intercepted and blocked bythe adblocker. In some embodiments, the bypass loader identifies theadvertisement calls by scanning the content to look for addressing,links, or URLs to known advertisers or advertisement servers that areblacklisted by various adblockers. In some embodiments, the bypassloader identifies the advertisement calls by identifying calls withinthe content that do not have corresponding nodes in the DOM hierarchy asa result of the adblocker removing those nodes or preventing those nodesfrom being constructed. The bypass loader then obfuscates any identifiedadvertisement calls and reissues the obfuscated advertisement calls tothe bypass proxy 220. Obfuscating the advertisement calls is describedwith reference to FIG. 4 below. The bypass proxy 220 address iscontinually changed to ensure that the address is not within theadblockers' blacklists. As such, the obfuscated advertisement calls willnot be blocked. However, some adblockers prevent calls to any thirdparty domain including the domain specified in the bypass proxy 220address. To overcome such restriction, some embodiments direct theobfuscated advertisement call to an address of a load balancer or otherserver operated by the first party content publisher 210. The loadbalancer or other server is configured to identify any obfuscatedadvertisement calls and either forward those calls to the bypass proxy220 or perform the bypass proxy 220 operation by incorporating thebypass operation 220 functionality within the first party contentpublisher's own servers.

In FIG. 2, the bypass proxy 220 receives (at 260) an obfuscatedadvertisement call. In some embodiments, the obfuscated advertisementcall includes the original advertisement call or the original link(e.g., URL) used in requesting the advertisement from the advertisementserver 215. Accordingly, the bypass proxy 220 extracts the originaladvertisement call from the obfuscated advertisement call, requests theoriginal advertisement from the advertisement server 215 as a result ofissuing the original advertisement call, and retrieves (at 265) theoriginal advertisement from the advertisement server 215. The bypassproxy 220 then forwards (at 270) the advertisement to the bypass loaderrunning on the user device 205.

In some embodiments, the bypass proxy 220 may cache a copy of theadvertisement such that future requests for that advertisement can besatisfied from cache without having to access the advertisement server215. A time-to-live parameter may be provided to invalidate the cachedcopy of the advertisement and cause the bypass proxy 220 to retrieveanother copy of the advertisement from the advertisement server 215 uponits expiration.

The bypass loader 205 reintroduces the advertisement that the adblockerremoved back into the presentation or rendering of the content. In someembodiments, the bypass loader 205 reintroduces the advertisement bymanipulating (at 275) the DOM hierarchy. In some embodiments,manipulating the DOM hierarchy involves inserting a node for theadvertisement into the hierarchy with the attributes specified by thecontent provider for presenting the advertisement as part of the contentrendering. The user device 205 resumes its normal operation and rendersthe content based on the modified DOM hierarchy. The resulting contentrendering will include the advertisement that was originally intended bythe content publisher 210 despite the operation of the adblocker runningon the user device 205.

The bypass proxy 220 also accesses the copy of the content stored by thecontent publisher in order to modify (at 280) the advertisement call inthe content. In some embodiments, the modification involves changing thesource address or link of the advertisement call within the content to amodified address or link that is not within the adblocker blacklist. Insome embodiments, the modification involves changing the advertisementcall from requesting the advertisement from the advertisement server 215to requesting the advertisement from the bypass proxy 220 with theoriginal request to the advertisement server 215 being encrypted andincluded as part of the modified advertisement call. Different aliasesor addresses for the bypass proxy 220 can be used to ensure that theadblockers do not prevent access of the user device 205 to the bypassproxy 220.

FIG. 3 conceptually illustrates operation of the adblocking bypasssystem in accordance with some embodiments. Specifically, the figureillustrates operation between a user device 310, a remote site 320hosting content publisher content, a bypass proxy 330, and anadvertisement server 340.

The content publisher content includes at least an advertisement call350 for including an advertisement as part of the content publishercontent and a script for running the bypass loader 355 of someembodiments. In this figure, the advertisement call 350 is an HTML “ahref” attribute specifying an advertisement URL for retrieving theadvertisement from the advertisement server 340. The advertisement URLis “www.advertisement.com/ad.jpg”. As before, the bypass loader 355script is configured to execute after the load event on the user device310 fires during the processing and rendering the content.

The user device 310 requests and receives the content publisher contentfrom the remote site 320. The request can be issued by invoking a link,directing a browser of the user device 310 to the address of the site,or launching any application that loads the content publisher content.The content request is typically issued as a HyperText Transfer Protocol(HTTP) GET request with a URL identifying an address of the site 320 andthe content being requested.

Upon receiving the content, an adblocker running on the user device 310blocks the advertisement call 350. This may be due to the address (i.e.,domain name) of the advertisement server 340 specified as part of theadvertisement call being within the adblocker's blacklist.

After the user device 310 loads the content objects, the load eventfires. Consequently, the bypass loader 355 script is invoked and thebypass loader 355 begins its operation. The bypass loader 355 detectsthe adblocker running on the user device 310 and the advertisement callthat was blocked by the adblocker. The bypass loader 355 then obfuscatesthe advertisement call and issues the obfuscated advertisement call tothe bypass proxy 330. As shown in FIG. 3, the obfuscated advertisementcall is specified as “www.proxy.com/abcdef123456”, wherein “proxy.com”is the domain name pointing to the bypass proxy 330 and the“abcdef123456” parameter encrypts the original advertisement call to“www.advertisement.com/adjpg”. The obfuscated advertisement call can beissued by the user device 310 because the bypass proxy 330 domain nameis not within the adblocker blacklist and therefore will not be blocked.In some embodiments, included with the obfuscated advertisement call isa query string argument to inform the bypass proxy 330 that an adblockerwas detected on the user device 310. An example of the query stringargument is “adblock=true”. In some embodiments, included with theobfuscated advertisement call is an HTTP header to forward the userdevice IP address to the bypass proxy 330.

When the bypass proxy 330 receives the obfuscated advertisement call, itdecrypts the original advertisement URL from obfuscated advertisementcall. Then using the original advertisement call, the bypass proxy 330requests and retrieves the original advertisement from the advertisementserver 340. The bypass proxy 330 returns the advertisement to the bypassloader 355 which then reintroduces the advertisement into the finalrendering or presentation of the retrieved content as was intended bythe content publisher.

The bypass proxy 330 may also modify the content hosted by site 320 soto avoid blocking of the embedded advertisement calls in the future. Asshown, the bypass proxy 330 modifies the content by modifying theadvertisement call to specify the proxy URL instead of the originaladvertisement URL.

To avoid the bypass proxy 330 address from being blacklisted and theobfuscated calls generated to the bypass proxy 330 from being blocked,the adblocking bypass system of some embodiments continually ordynamically changes the bypass proxy 330 address. In some embodiments,the address is automatically changed. In some such embodiments, thebypass loader includes an address generation engine that generates anaddress of bypass proxy 330 based on a hash of a shared key, a date, ortimestamp. The resulting hash can be a temporary domain name that pointsto the bypass proxy 330. For example, a new domain name resolving to thebypass proxy 330 can be generated daily. The same address generationengine is run for the bypass proxy 330 to dynamically configure anyrouters or authoritative Domain Name System (DNS) servers that resolvethe temporary domain names to the bypass proxy 330. This can includechanging an A record, canonical name (CNAME), or alias of the routers orDNS servers used to resolve the temporary domain names to the bypassproxy 330 IP address. As noted above, an alternative is generateobfuscated calls that address the first party content publisher fromwhich the content is received, with the first party publisherredirecting the obfuscated call to the bypass proxy 330. Specifically,local URLs are configured at the first party content publisher toredirect to the bypass proxy 330 and the bypass loader 355 generatesobfuscated calls addressed to one of the local URLs.

FIG. 4 presents a process 400 performed by the bypass loader forcounteracting the advertisement intercepting and blocking of adblockersin accordance with some embodiments. The process begins when the bypassloader is invoked as a result of firing the load event.

The process detects (at 410) presence of one or more adblockers on theuser device on which the bypass loader executes. As noted above, thiscan be accomplished based on the presence or absence of a specificadvertisement tag that is required to return before the load event canbe fired. If an adblocker was running on the user device, the adblockerwould remove or block that specific advertisement tag and the absence ofwhich would indicate to the bypass loader that an adblocker is in factrunning. In some embodiments, the bypass loader detects the presence ofan adblocker by identifying that dimensions of an advertisement havebeen set to zero such that they are not visible.

If no adblocker is detected (at 420), the process terminates (at 430)operation of the bypass loader and the content is rendered on the userdevice without any changes. However, if one or more adblockers aredetected (at 420), the process scans (at 440) the content to identifyadvertisement calls that have been or could be blocked by theadblockers.

For each identified original advertisement call that is or may beblocked by an adblocker, the process produces an obfuscatedadvertisement call. The process produces the obfuscated advertisementcall by encrypting (at 450) the original advertisement call using acipher and a particular cipher key. The process appends (at 460) theparticular cipher key to the encryption result yielding a string ofpotentially arbitrary length. The particular cipher key may be a fixedsize (e.g., five characters) such that the bypass proxy is able to lateridentify and extract the particular cipher key from the string. Theprocess optionally performs (at 470) a base32 encoding of the resultingstring to ensure the string is formatted as a proper URL query stringargument or pathname. The process then appends (at 475) the string orbase32 encoded string containing the encrypted original advertisementcall and particular cipher key to a URL that specifies the bypass proxyaddress (e.g., IP address or domain name). The bypass proxy addressappended with the string containing the original advertisement call andthe particular cipher key yield the obfuscated advertisement call. Theprocess issues (at 480) the obfuscated advertisement call to the bypassproxy.

As noted above, certain adblockers, when rendering content of aparticular content publisher, may block any calls that are issued to anythird party domain that deviates from the domain of that particularcontent publisher. In such cases, the bypass proxy address of theobfuscated advertisement call can specify an address to a load balancingserver or other server of the particular content publisher that operatesin concert with the adblocking bypass system of some embodiments. Thus,the bypass loader sends the obfuscated advertisement call to a loadbalancer or other machine of the content publisher to avoid theadblocker from blocking the call. The load balancer then identifies theobfuscated advertisement call and forwards it to the bypass proxy.Alternatively, the load balancer or other machine of the contentpublisher can directly incorporate and perform the bypass proxyfunctionality such that the bypass proxy address can address that loadbalancer or other content publisher machine without any furtherredirection.

The bypass proxy reverses the bypass loader operations to extract theoriginal advertisement call from the obfuscated advertisement call,request the advertisement from the appropriate advertisement serverusing the original advertisement call, and return the advertisement tothe bypass loader. Accordingly, the process receives (at 490) theadvertisement from the bypass proxy and reintroduces (at 495) theadvertisement as part of the content presentation or rendering. As notedabove, the process can reintroduce the advertisement by manipulating theDOM hierarchy. The process then ends.

FIG. 5 presents a process 500 performed by the bypass proxy forretrieving an advertisement on behalf of an instance of the bypassloader in accordance with some embodiments. The process 500 commenceswhen the bypass proxy receives (at 510) an obfuscated advertisement callfrom a bypass loader. The process extracts (at 520) the stringcontaining the encrypted original advertisement call and cipher key usedto perform the encryption from the obfuscated advertisement call URL.The process decodes (at 530) the base32 encoding of the string if onewas applied. The process extracts (at 540) the cipher key from theresulting decoded string. As noted above, the cipher key will be somefixed number of symbols or alphanumeric characters at the end of thestring. The process decrypts (at 550) the original advertisement callfrom the remaining string using the cipher key. The process then issues(at 560) the original advertisement call to the correspondingadvertisement server on behalf of the bypass loader. The processreceives (at 570) the advertisement in response. Lastly, the processforwards (at 580) the advertisement back to the bypass loader thatinitially passed the obfuscated advertisement call to the bypass proxy.

In some embodiments, the bypass proxy preserves the ability of theadvertisement server to track the user devices that receive theadvertisements served by the advertisement server. To do so, step 560above can be modified such that when the bypass proxy issues theoriginal advertisement call to the advertisement server, the bypassproxy forwards the user device information to the advertisement server.Specifically, the bypass proxy reads the request header encapsulatingthe original advertisement call to extract identifying information aboutthe user device including the user device IP address. The identifyinginformation is then forwarded in the advertisement call that the bypassproxy submits to the advertisement server on behalf of the user device.The advertisement server can then track the true recipient for theadvertisement. Similarly, when forwarding the advertisement back to thebypass loader at step 580, the bypass proxy can submit the advertisementwith the header provided by the advertisement server which may include acookie or other tracking information.

Some adblockers perform a more aggressive secondary or alternativeroutine to prevent the display of advertisements. They do so by blockingelements matching certain CSS selectors. The adblocking bypass system ofsome embodiments circumvents this adblocking operation by using thebypass loader to insert random zero space elements (i.e., elements thatare invisible on the page) to change the DOM ordering. In so doing, thebypass loader is able to vary or otherwise modify the sought afterselectors. An alternative method to circumvent CSS selector blocking isdescribed with reference to the CSS translation process 600 of FIG. 6.

The process commences with the bypass proxy receiving (at 610) a requestfor a CSS file from a bypass loader with a particular cipher keyspecified on the URL request. The bypass proxy recognizes (at 620) therequest for the CSS file, retrieves (at 630) the CSS file, and searchesthrough it to replace (at 640) all class names with a ciphered versionusing the provided particular cipher key before passing (at 650) the CSSfile with the obfuscated class names to the bypass loader. The processthen receives (at 660) a request for the content HTML from the bypassloader again with the same cipher key. The process retrieves (at 670)the content HTML and performs the same ciphering to obfuscate (at 680)the CSS class names therein to match the changed names of the CSS file.The process passes (at 690) the modified HTML to the bypass loader whichcan then render the content in a manner that prevents the CSS and anyincluded advertisement therein from being blocked.

Many of the above-described processes and components are implemented assoftware processes that are specified as a set of instructions recordedon non-transitory computer-readable storage medium (also referred to ascomputer-readable medium). When these instructions are executed by oneor more computational element(s) (such as processors or othercomputational elements like ASICs and FPGAs), they cause thecomputational element(s) to perform the actions indicated in theinstructions. Server, computer, and computing machine are meant in theirbroadest sense and may include any electronic device with a processorthat executes instructions stored on computer-readable media or that areobtained remotely over a network connection. Examples ofcomputer-readable media include, but are not limited to, CD-ROMs, flashdrives, RAM chips, hard drives, EPROMs, etc. Further, wherever a serveror device is identified as a component of the embodied invention, it isunderstood that the server may be a single physical machine, or acluster of multiple physical machines performing related functions, orvirtualized servers co-resident on a single physical machine, or variouscombinations of the above.

FIG. 7 illustrates a computer system or server with which someembodiments of the bypass system are implemented. Such a computer systemincludes various types of computer-readable mediums and interfaces forvarious other types of computer-readable mediums that implement theprocesses described herein. Computer system 700 includes a bus 705, aprocessor 710, a system memory 715, a read-only memory 720, a permanentstorage device 725, input devices 730, and output devices 735.

The bus 705 collectively represents all system, peripheral, and chipsetbuses that communicatively connect the numerous internal devices of thecomputer system 700. For instance, the bus 705 communicatively connectsthe processor 710 with the read-only memory 720, the system memory 715,and the permanent storage device 725. From these various memory units,the processor 710 retrieves instructions to execute and data to processin order to execute the processes of the invention. The processor 710 isa processing device such as a central processing unit, integratedcircuit, graphical processing unit, etc.

The read-only-memory (ROM) 720 stores static data and instructions thatare needed by the processor 710 and other modules of the computersystem. The permanent storage device 725, on the other hand, is aread-and-write memory device. This device is a non-volatile memory unitthat stores instructions and data even when the computer system 700 isoff. Some embodiments of the invention use a mass-storage device (suchas a magnetic or optical disk and its corresponding disk drive) as thepermanent storage device 725.

Other embodiments use a removable storage device (such as a flash drive)as the permanent storage device. Like the permanent storage device 725,the system memory 715 is a read-and-write memory device. However, unlikethe storage device 725, the system memory is a volatile read-and-writememory, such as random access memory (RAM). The system memory storessome of the instructions and data that the processor needs at runtime.In some embodiments, the processes are stored in the system memory 715,the permanent storage device 725, and/or the read-only memory 720.

The bus 705 also connects to the input and output devices 730 and 735.The input devices enable the user to communicate information and selectcommands to the computer system. The input devices 730 include, but arenot limited to, alphanumeric keypads (including physical keyboards andtouchscreen keyboards) and pointing devices. The input devices 730 alsoinclude audio input devices (e.g., microphones, MIDI musicalinstruments, etc.). The output devices 735 display images generated bythe computer system. The output devices include, but are not limited to,printers and display devices, such as cathode ray tubes (CRT) or liquidcrystal displays (LCD).

Finally, as shown in FIG. 7, bus 705 also couples computer 700 to anetwork 765 through a network adapter (not shown). In this manner, thecomputer can be a part of a network of computers (such as a local areanetwork (“LAN”), a wide area network (“WAN”), or an Intranet, or anetwork of networks, such as the Internet.

As mentioned above, the computer system 700 may include one or more of avariety of different computer-readable media. Some examples of suchcomputer-readable media include RAM, ROM, read-only compact discs(CD-ROM), recordable compact discs (CD-R), rewritable compact discs(CD-RW), read-only digital versatile discs (e.g., DVD-ROM, dual-layerDVD-ROM), a variety of recordable/rewritable DVDs (e.g., DVD-RAM,DVD-RW, DVD+RW, etc.), flash memory (e.g., SD cards, mini-SD cards,micro-SD cards, etc.), magnetic and/or solid state hard drives,read-only and recordable blu-ray discs, and any other optical ormagnetic media.

While the invention has been described with reference to numerousspecific details, one of ordinary skill in the art will recognize thatthe invention can be embodied in other specific forms without departingfrom the spirit of the invention. Thus, one of ordinary skill in the artwould understand that the invention is not to be limited by theforegoing illustrative details, but rather is to be defined by theappended claims.

I claim:
 1. A computer-implemented method for ensuring presentation ofcontent from external destinations on a user device despite execution ofa blocker running on the user device, the computer-implemented methodcomprising: receiving at the user device, a base page from a host inresponse to a request from the user device; detecting at the user deviceand in the base page, an unencrypted particular call for contentcomprising one of a Uniform Resource Locator (URL), Cascade Style Sheet(CSS) selector, or HyperText Markup Language (HTML) element with a firstdomain name of a first destination, that is different than the host, anda path to the content provided by the first destination; encrypting, byoperation of the user device, the first domain name and the path of theunencrypted particular call as an encrypted string using a cipher key inresponse to said receiving the base page with the unencrypted particularcall at the user device from the host; rewriting, by operation of theuser device, the URL, the CSS selector, or the HTML element of theunencrypted particular call as an obfuscated call comprising (i) asecond domain name of a second destination, that is different than thefirst domain name of the first destination of the unencrypted particularcall, and (ii) the encrypted string, that encrypts the first domain nameof the first destination and the path to the content, as a path of theobfuscated call; receiving the content from the second destination atthe user device in response to issuing said obfuscated call from theuser device to the second destination; and inserting the content into apresentation or rendering on the user device.
 2. Thecomputer-implemented method of claim 1, wherein the first destination iswithin a blacklist of the blocker and the second destination is notwithin the blacklist.
 3. The computer-implemented method of claim 1further comprising sending a request for the content, that is decryptedfrom the obfuscated call, from the second destination to the firstdestination in response to the user device issuing the obfuscated callto the second destination.
 4. The computer-implemented method of claim3, wherein sending the request comprises decoding at the seconddestination, the first domain name of the first destination and the pathto the content from the encrypted string of the obfuscated call.
 5. Thecomputer-implemented method of claim 3 further comprising changing afilename or path identified from the encrypted string of the obfuscatedcall to a filename of the content at the second destination and passingsaid content from the second destination to the user device.
 6. Thecomputer-implemented method of claim 1, wherein the obfuscated callfurther comprises the cipher key as part of the path with the encryptedstring.
 7. The computer-implemented method of claim 1, wherein rewritingthe URL, the CSS selector, or the HTML element as an obfuscated callfurther comprises modifying the URL, CSS selector, or HTML element fromidentifying a first type of content to identifying a different secondtype of content.
 8. The computer-implemented method of claim 1, whereinrewriting the URL, the CSS selector, or the HTML element as theobfuscated call further comprises dynamically generating the seconddomain name for the second destination based on at least a hash of ashared key.
 9. The computer-implemented method of claim 8 furthercomprising changing a router or authoritative Domain Name System (DNS)server configuration to link the second domain name to the seconddestination prior to issuing the obfuscated call.
 10. Thecomputer-implemented method of claim 8, wherein generating the seconddomain name is further based on a periodically changing timestamp. 11.The computer-implemented method of claim 8 further comprising changingat least one of a DNS A record, canonical name (CNAME), or alias of thesecond destination to the second domain name during a first time periodin which the obfuscated call is issued.
 12. The computer-implementedmethod of claim 8, wherein the second destination retrieves the contentof the unencrypted particular call from the first destination andreturns said content to the user device in response to the user deviceissuing the obfuscated call to the second destination.
 13. Thecomputer-implemented method of claim 1 further comprising adding saidcipher key to the encrypted string.
 14. The computer-implemented methodof claim 1, wherein detecting the unencrypted particular call furthercomprises determining that the unencrypted particular call is blocked onthe user device based on a Document Object Model of the base pagemissing a node for the unencrypted particular call.
 15. Thecomputer-implemented method of claim 1 further comprising executing, onthe user device, a script that is embedded in the base page, whereinexecuting the script comprises performing said detecting and rewritingon the user device.
 16. A user device comprising: one or more processorsconfigured to: receive a base page from a host in response to a requestfrom the user device; detect in the base page, an unencrypted particularcall for content comprising one of a Uniform Resource Locator (URL),Cascade Style Sheet (CSS) selector, or HyperText Markup Language (HTML)element with a first domain name of a first destination, that isdifferent than the host, and a path to the content provided by the firstdestination; encrypt the first domain name and the path of theunencrypted particular call as an encrypted string using a cipher key inresponse to said receiving the base page with the unencrypted particularcall at the user device from the host; rewrite the URL, the CSSselector, or the HTML element of the unencrypted particular call as anobfuscated call comprising a second domain name of a second destination,that is different than the first domain name of the first destination ofthe unencrypted particular call, and (ii) the encrypted string, thatencrypts the first domain name of the first destination and the path tothe content, as a path of the obfuscated call; receive the content fromthe second destination in response to issuing said obfuscated call tothe second destination; and insert the content into a presentation orrendering on the user device.
 17. A non-transitory computer-readablemedium of a user device, storing a set of processor-executableinstructions, which, when executed by one or more processors of the userdevice, cause the one or more processors to: receive a base page from ahost in response to a request from the user device; detect in the basepage, an unencrypted particular call for content comprising one of aUniform Resource Locator (URL), Cascade Style Sheet (CSS) selector, orHyperText Markup Language (HTML) element with a first domain name of afirst destination, that is different than the host, and a path to thecontent provided by the first destination; encrypt the first domain nameand the path of the unencrypted particular call as an encrypted stringusing a cipher key in response to said receiving the base page with theunencrypted particular call at the user device from the host; rewritethe URL, the CSS selector, or the HTML element of the unencryptedparticular call as an obfuscated call comprising (i) a second domainname of a second destination, that is different than the first domainname of the first destination of the unencrypted particular call, and(ii) the encrypted string, that encrypts the first domain name of thefirst destination and the path to the content, as a path of theobfuscated call; receive the content from the second destination inresponse to issuing said obfuscated call to the second destination; andinsert the content into a presentation or rendering on the user device.